File _patchinfo of Package patchinfo.6060

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.6060

<patchinfo incident="6060">
  <issue id="1067441" tracker="bnc">VUL-1: CVE-2017-16642: php5,php7,php53: timelib_meridian error could be used to leak information from the interpreter</issue>
  <issue id="1067090" tracker="bnc">VUL-0: CVE-2015-4025: php5,php53: pathname truncation in (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink.</issue>
  <issue id="1069606" tracker="bnc">VUL-0: CVE-2017-9228: php5,php53,php7:  heap out-of-bounds write occurs in bitset_set_range() during regex compilation</issue>
  <issue id="1069631" tracker="bnc">VUL-0:  CVE-2017-9229: php5,php7,php53: oniguruma: Invalid pointer dereference in left_adjust_char_head()</issue>
  <issue id="2017-16642" tracker="cve" />
  <issue id="2017-4025" tracker="cve" />
  <issue id="2017-9228" tracker="cve" />
  <issue id="2017-9229" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>This update for php5 fixes the following issues:

Security issues fixed:

- CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441).
- CVE-2017-4025: Fix pathname truncation in set_include_path, tempnam, rmdir, and readlink (bsc#1067090).
- CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606).
- CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631).
</description>
  <summary>Security update for php5</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.6060

Places